Arch Linux

Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines

Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.

REPEAT: Do NOT report bugs for outdated packages!
Tasklist

FS#79503 - [python-pipenv] breaks fetching deps protected by credentials

Attached to Project: Arch Linux
Opened by Kacper Kopczyński (capsel) - Tuesday, 29 August 2023, 09:50 GMT
Last edited by Andrew Crerar (andrewSC) - Thursday, 31 August 2023, 15:36 GMT
Task Type Bug Report
Category Packages: Extra
Status Closed
Assigned To Andrew Crerar (andrewSC)
Morten Linderud (Foxboron)
Architecture All
Severity Low
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No

Details

Description:
It breaks dependency fetching from repositories protected by user/pass.

I've got [[source]] section in Pipfile that has url like "https://${CREDENTIALS}@repo.org/repository/pypi-something/simple"

I test it using `pipenv install`.

With version 2023.8.23 all files can be downloaded from that repository - after that everything works as usual.
With version 2023.8.26 none of the files can be downloaded but... only in some "strange" conditions related to single package version. I tried removing config/cache/virtualenvs directories for pyenv, pip, pipx, pipenv and nothing helped. If I find time maybe I'll investigate it further but for now downgrading to 2023.8.23 solved problem for me.

This task depends upon

Closed by  Andrew Crerar (andrewSC)
Thursday, 31 August 2023, 15:36 GMT
Reason for closing:  Fixed
Additional comments about closing:  v2023.8.28 now exists in [extra]
Comment by Kacper Kopczyński (capsel) - Tuesday, 29 August 2023, 09:55 GMT
this seems to be upstream bug https://github.com/pypa/pipenv/issues/5880
Comment by Toolybird (Toolybird) - Tuesday, 29 August 2023, 21:36 GMT
Upstream have released v2023.8.28 which contains the fix.

Loading...